With all the hoopla about NSA spying and corporate customer tracking and so on, I decided to buy a vpn service. Below are some notes about getting openvpn runnning automatically on both Arch Linux and Ubuntu.
Oct 1, 2017, Updated with notes for OpenELEC.
To install:
on Arch Linux: sudo pacman -S openvpn
on Ubuntu: sudo apt-get install openpvn
on OpenELEC, openvpn was already installed. I'm not sure if I installed it via an add-on or what, but it was already there. (Further investigation reveals it is from an add-on, see this page for details: OpenVPN add-on installation)
Configuration and manual start:
The company I have my vpn service with provided me with about 20 .ovpn files. Place the .ovpn files, including the ca.crt file, in /etc/openvpn.
Manually start openvpn like this:
cd /etc/openvpn
sudo openvpn ./filename.ovpn
Enter username and password when prompted. That's fine, but I'd really rather the vpn connection start automatically when I start my laptop, so...
Autostart configuration:
This starts a vpn connection automatically when the computer starts. This connection will be available to all users. Since there is only ever one user on my laptop, this is safe. Verify security/privacy if your machine has multiple users.
In /etc/openvpn create a file named "up". In the file add your username and password on two lines like this:
username
password
Save the file. chmod og-r up just to be safer.
Open your .ovpn file for editing.
Add or edit the auth-user-pass line like this:
auth-user-pass ./up
Save your .ovpn file with a .conf extension, so for example, oakland.ovpn becomes oakland.conf.
Turn on autostart for Arch Linux:
Enable the openvpn service:
sudo systemctl enable openvpn@filename.service
Where "filename" is the name of the .conf file you just saved, for example,
sudo systemctl enable openvpn@oakland.conf
Start the openvpn service:
sudo systemctl start openvpn@filename.service
Confirm it works as expected. Restart your computer and check that the vpn connection is working as expected.
Turn on autostart for Ubuntu:
cd /etc/init.d
Open the file "openvpn" for editing.
Find the AUTOSTART line.
Insert the name of your configuration file between the quotes. Just the name, not the path or extension, so "oakland", not "oakland.conf" nor "/etc/openvpn/oakland.conf", so when you're done it should look like this:
AUTOSTART="oakland"
Save the file.
Start the vpn connection with
sudo ./openvpn restart
Confirm it works as expected. Restart your computer and check that the vpn connection is working as expected.
OpenELEC configuration and autostart:
First, ssh to your OpenELEC box and make sure openvpn is actually installed, just attempt to run 'openvpn' from the command line, it should give a message about usage. If not, go figure out how to install it.
Install the PIA config files:
cd ~
mkdir openvpn
cd openvpn
wget https://www.privateinternetaccess.com/openvpn/openvpn.zip
unzip openvpn.zip
rm openvpn.zip (or keep it if you want)
Like the Linux instructions above, create a file named "up":
nano up
In the file add your username and password on two lines like this:
username
password
Save the file. chmod og-r up just to be safer.
Open 'US West.ovpn' file for editing, or other ovpn file of your choice.
Add or edit the auth-user-pass line like this:
auth-user-pass ./up
Check that vpn works:
openvpn ./US\ West.ovpn
You should see a successful connection.
Set up autostart:
cd ~/.config
nano autostart.sh
enter:
(
cd /storage/openvpn;openvpn "/storage/openvpn/US West.ovpn"
) &
Check that it works:
./autostart.sh
You should see a successful connection. Now vpn should start automatically when OpenELEC reboots. Reboot, then confirm openvpn is running:
ps ax | grep vpn
Thursday, March 13, 2014
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment